> On Sun, 2021-01-31 at 21:41 +0300, somebody from mother Russia wrote: > > Hello, > > Our employer decided that AnyConnect Secure Mobility Client with > > multifactor Azure authentication is the only secure option to connect > > to > > work. No alternatives, no discussions. > > There are packages for Windows and Linux only. > > Did anybody succeed in running vpn clients compatible with all that > > funny stuff? > > > > Hi, > > have you tried your luck with Openconnect? It's in packages. I've had > luck with that at least on Linux side on my work laptop.
I have been using Openconnect for a while and with exception of the 6.8 release cycle it worked perfectly. At the beggining of the 6.8 release cycle OpenBSD package was "broken". I am not sure if it was OpenBSD SSL stack or the server side (Cisco black box) but I just tried again today and there was no error. oko# openconnect https://nrec.vpn.cmu.edu POST https://nrec.vpn.cmu.edu/ Connected to 128.2.5.164:443 SSL negotiation with nrec.vpn.cmu.edu Connected to HTTPS on nrec.vpn.cmu.edu with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA512)-(AES-256-GCM) oko# uname -a OpenBSD oko.int.bagdala2.net 6.8 GENERIC.MP#4 amd64 oko# syspatch -l 001_bgpd 002_icmp6 003_tmux 004_wg 005_unwind 006_rpki 007_xmaplen 008_asn1 009_exit 010_smtpd 011_nd6 012_carp > > -- > Kind regards, > Ville
